mirror of
https://github.com/LemmyNet/lemmy.git
synced 2025-03-30 15:09:35 +00:00
48 lines
1.7 KiB
Rust
48 lines
1.7 KiB
Rust
use crate::blocking;
|
|
use chrono::Utc;
|
|
use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, TokenData, Validation};
|
|
use lemmy_db_queries::{source::secrets::Secrets_, DbPool};
|
|
use lemmy_db_schema::source::secrets::Secrets;
|
|
use lemmy_utils::{settings::structs::Settings, LemmyError};
|
|
use serde::{Deserialize, Serialize};
|
|
|
|
type Jwt = String;
|
|
|
|
#[derive(Debug, Serialize, Deserialize)]
|
|
pub struct Claims {
|
|
/// local_user_id, standard claim by RFC 7519.
|
|
pub sub: i32,
|
|
pub iss: String,
|
|
/// Time when this token was issued as UNIX-timestamp in seconds
|
|
pub iat: i64,
|
|
}
|
|
|
|
impl Claims {
|
|
pub async fn decode(jwt: &str, pool: &DbPool) -> Result<TokenData<Claims>, LemmyError> {
|
|
let v = Validation {
|
|
validate_exp: false,
|
|
..Validation::default()
|
|
};
|
|
let secret = get_jwt_secret(pool).await?;
|
|
let key = DecodingKey::from_secret(secret.as_ref());
|
|
Ok(decode::<Claims>(jwt, &key, &v)?)
|
|
}
|
|
|
|
pub async fn jwt(local_user_id: i32, pool: &DbPool) -> Result<Jwt, LemmyError> {
|
|
let my_claims = Claims {
|
|
sub: local_user_id,
|
|
iss: Settings::get().hostname,
|
|
iat: Utc::now().timestamp(),
|
|
};
|
|
let key = EncodingKey::from_secret(get_jwt_secret(pool).await?.as_ref());
|
|
Ok(encode(&Header::default(), &my_claims, &key)?)
|
|
}
|
|
}
|
|
|
|
/// TODO: would be good if we could store the jwt secret in memory, so we dont have to run db
|
|
/// queries all the time (which probably affects performance). but its tricky, we cant use a
|
|
/// static because it requires a db connection to initialize.
|
|
async fn get_jwt_secret(pool: &DbPool) -> Result<String, LemmyError> {
|
|
let jwt_secret = blocking(pool, move |conn| Secrets::read(conn)).await??;
|
|
Ok(jwt_secret)
|
|
}
|